﻿<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
        <title>Labtables: Controle do Acesso à Internet</title>
        <link href="labtables.css" rel="stylesheet" type="text/css" />
    </head>
    
    <body>
    <?php
	// Load the project helpers; isAuthenticated() is expected to be defined there.
	require_once('functions.php');
	// NOTE(review): the DOCTYPE and <head> above are already echoed when this runs, so
	// session_start() can only send its cookie if output buffering is enabled — confirm.
	session_start();
	// Guard clause: an unauthenticated visitor gets the login notice and the script stops,
	// so none of the actions further down can be reached without a session.
	if(!isAuthenticated())
	{
		exit("<p class='error_message'>Por favor, efetue o login.</p>");
	}
	?>
   	<div id="header">
    	<h1>Labtables: Controle do Acesso à Internet</h1>
    </div>
    
    <div id="menu">
        <?php require_once('menu.php'); /* presumably emits the navigation links; menu.php is not visible here */ ?>
	</div>
    	
    <div id="content">
    	<?php
			// Database wrapper class used by every action below.
			require_once('conexao.class.php');
			// Requested action from the query string; null when the parameter is absent,
			// in which case none of the named cases match and the listing is shown.
			$action = isset($_GET['action']) ? $_GET['action'] : null;
			switch($action)
			{
				case 'add':
					// Renders the empty "new laboratory" form; it posts nome and descricao to
					// labs.php?action=create.
					// NOTE(review): the form carries no anti-CSRF token field.
					?>
                    <form action="labs.php?action=create" method="post">
					<table class="content_table">
                    	<tr>
                        	<th>Nome</th>
                            <td><input type='text' name='nome' maxlength="255" /></td>
                        </tr>
                        <tr>
                        	<th>Descrição</th>
                            <td><textarea name="descricao" cols="145" rows="20"></textarea></td>
                        </tr>
                        <tr>
                        	<td class="bottom_row" colspan="2">
                            	<input type='submit' value='Cadastrar laboratório' />&nbsp;
                                <input type='reset' value='Limpar' />
                            </td>
                        </tr>
                    </table>
					</form>
					<?php
				break;
				
				
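				case 'create':
					// Handles the "new laboratory" form: inserts the row, records the action in
					// the logs table, then redirects back to the listing.
					// NOTE(review): no anti-CSRF token is checked before this write, and header()
					// below runs after page markup was echoed, so the redirect depends on output
					// buffering being enabled — confirm.
					$c = new conexao;
					$c->set_charset('utf8');
					// Every request/session value placed inside a quoted SQL literal is escaped on
					// this connection, after set_charset() so the escaping matches the charset.
					// Assumes conexao exposes mysqli's real_escape_string(), like the set_charset()
					// and query() calls already used here — confirm against conexao.class.php.
					$nome = (isset($_POST['nome']) && is_string($_POST['nome'])) ? trim($_POST['nome']) : '';
					$descricao = (isset($_POST['descricao']) && is_string($_POST['descricao'])) ? trim($_POST['descricao']) : '';
					$nome = $c->real_escape_string($nome);
					$descricao = $c->real_escape_string($descricao);
					$usuario = $c->real_escape_string((string) $_SESSION['username']);
					$q = "INSERT INTO laboratorios(nome, descricao) VALUES('$nome', '$descricao');";
					$c->query($q);
					$q = "INSERT INTO logs(username, acao, data) VALUES('$usuario', 'Adicionou um novo laboratório no sistema.', now());";
					$c->query($q);
					header('Location: labs.php');
				break;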
				
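				case 'acesso':
					// Lists every laboratory with an Ativo/Bloqueado radio pair, pre-selecting the
					// stored status. The form posts laboratorio[<id>] => status to
					// labs.php?action=efetuarregras.
					// NOTE(review): the form carries no anti-CSRF token field.
					?>
                    <form action='labs.php?action=efetuarregras' method="post">
					<table class="content_table">
                    	<tr>
                        	<th>Laboratório</th>
							<th>Ativar/bloquear</th>
                        </tr>
                    	<?php
						$c = new conexao;
						$c->set_charset('utf8');
						$q = "SELECT * FROM laboratorios;";
						$r = $c->query($q);
						while($laboratorio = $r->fetch_object()):
							// Name and id are taken from $laboratorio, the row being iterated
							// ($computador is never defined in this case).
							// Stored values are HTML-escaped before output; ENT_QUOTES because the
							// attributes below are single-quoted.
							$lab_id = htmlspecialchars($laboratorio->id, ENT_QUOTES, 'UTF-8');
							$lab_nome = htmlspecialchars($laboratorio->nome, ENT_QUOTES, 'UTF-8');
							// Any status other than 'Ativo' pre-selects the "Bloqueado" radio.
							$ativo = ($laboratorio->status == 'Ativo');
						?>
						<tr>
                        	<td><?php echo $lab_nome; ?></td>
                            <td>
                            	<input type='radio' name='laboratorio[<?php echo $lab_id; ?>]' value='Ativo'<?php if($ativo) echo ' checked'; ?> />Ativo&nbsp;
                                <input type='radio' name='laboratorio[<?php echo $lab_id; ?>]' value='Bloqueado'<?php if(!$ativo) echo ' checked'; ?> />Bloqueado
                            </td>
                        </tr>
						<?php endwhile; ?>
                        <tr>
                        	<td class="bottom_row" colspan="2">
                            	<input type='submit' value='Bloquear/liberar' />
                            </td>
                        </tr>
                    </table>
                    </form>
                    <?php
				break;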
				
				
				
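				case 'efetuarregras':
					// Applies the posted status to each laboratory and its computers, then removes
					// (Ativo) or appends (Bloqueado) an iptables FORWARD DROP rule per computer IP
					// and logs the action.
					// NOTE(review): this privileged state change has no anti-CSRF check, and
					// header() below depends on output buffering because markup was already
					// echoed — confirm.
					// NOTE(review): the rule is re-applied for every posted laboratory on every
					// submit, so repeated "Bloqueado" submits look like they append duplicate DROP
					// rules while a later -D removes only one — confirm and deduplicate.
					$c = new conexao;
					$c->set_charset('utf8');
					// A missing or non-array field is treated as "nothing to do".
					$regras = (isset($_POST['laboratorio']) && is_array($_POST['laboratorio'])) ? $_POST['laboratorio'] : array();
					// Assumes conexao exposes mysqli's real_escape_string(), like the set_charset()
					// and query() calls already used here — confirm against conexao.class.php.
					$usuario = $c->real_escape_string((string) $_SESSION['username']);
					foreach($regras as $laboratorio_id => $status):
						// Only the two values the form offers are accepted; anything else would be
						// written into SQL and select the "block" branch, so it is skipped.
						if($status !== 'Ativo' && $status !== 'Bloqueado'):
							continue;
						endif;
						// The array key is attacker-controlled too; escape it before it is used
						// inside the quoted SQL literals below.
						$laboratorio_id = $c->real_escape_string((string) $laboratorio_id);
						$q = "UPDATE laboratorios SET status = '$status' WHERE id = '$laboratorio_id';";
						$c->query($q);
						$q = "UPDATE computadores SET status = '$status' WHERE laboratorio_id = '$laboratorio_id';";
						$c->query($q);
						$q = "SELECT * FROM computadores WHERE laboratorio_id = '$laboratorio_id';";
						$r = $c->query($q);
						while($computador = $r->fetch_object()):
							// The stored IP is passed as one quoted shell argument so its content
							// cannot add commands or extra iptables options to the sudo call.
							$ip = escapeshellarg($computador->ip);
							if($status == 'Ativo'):
								shell_exec("sudo iptables -t filter -D FORWARD -s " . $ip . " -j DROP");
							else:
								shell_exec("sudo iptables -t filter -A FORWARD -s " . $ip . " -j DROP");
							endif;
						endwhile;
						$q = "INSERT INTO logs(username, acao, data) VALUES('$usuario', '$status o laboratório $laboratorio_id.', now());";
						$c->query($q);
					endforeach;
					header('Location: labs.php?action=acesso');
				break;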
				
				
				
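				case 'delete':
					// Deletes a laboratory: removes the iptables DROP rule of each of its
					// computers, deletes the computer rows and the laboratory row, and logs it.
					// NOTE(review): this destructive action is driven by a GET parameter (the
					// listing links to it) and has no anti-CSRF check; a POST with a token would
					// be safer. header() below also depends on output buffering — confirm.
					$c = new conexao;
					$c->set_charset('utf8');
					// Escaped once, because $id is placed inside quoted SQL literals below.
					// Assumes conexao exposes mysqli's real_escape_string(), like the set_charset()
					// and query() calls already used here — confirm against conexao.class.php.
					$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
					$id = $c->real_escape_string($id);
					$usuario = $c->real_escape_string((string) $_SESSION['username']);
					$q = "SELECT a.ip FROM computadores AS a INNER JOIN laboratorios AS b ON a.laboratorio_id = b.id WHERE b.id = '$id';";
					$r = $c->query($q);
					while($computador = $r->fetch_object()):
						// The stored IP is passed as one quoted shell argument so its content
						// cannot add commands or extra iptables options to the sudo call.
						$comando = "sudo iptables -t filter -D FORWARD -s " . escapeshellarg($computador->ip) . " -j DROP";
						shell_exec($comando);
					endwhile;
					$q = "DELETE FROM computadores WHERE laboratorio_id = '$id';";
					$c->query($q);
					$q = "DELETE FROM laboratorios WHERE id = '$id';";
					$c->query($q);
					$q = "INSERT INTO logs(username, acao, data) VALUES('$usuario', 'Apagou o laboratório $id.', now());";
					$c->query($q);
					header('Location: labs.php');
				break;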
				
				
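				case 'edit':
					// Renders the edit form for one laboratory, pre-filled from the database; it
					// posts nome and descricao to labs.php?action=update&id=<id>.
					// NOTE(review): the form carries no anti-CSRF token field.
					$c = new conexao;
					$c->set_charset('utf8');
					$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
					// The id is escaped for the quoted SQL literal. Assumes conexao exposes
					// mysqli's real_escape_string(), like the set_charset() and query() calls
					// already used here — confirm against conexao.class.php.
					$q = "SELECT * FROM laboratorios WHERE id = '" . $c->real_escape_string($id) . "';";
					$r = $c->query($q);
					$laboratorio = $r ? $r->fetch_object() : null;
					// An unknown id yields no row; stop instead of dereferencing null.
					if(!$laboratorio):
						echo "<p class='error_message'>Laboratório não encontrado.</p>";
						break;
					endif;
					// The request id and stored values are escaped for the context they are
					// written into: URL component plus attribute, single-quoted attribute, and
					// textarea content.
					?>
                    <form action="labs.php?action=update&amp;id=<?php echo htmlspecialchars(urlencode($id), ENT_QUOTES, 'UTF-8'); ?>" method="post">
					<table class="content_table">
                    	<tr>
                        	<th>Nome</th>
                            <td><input type='text' name='nome' maxlength="255" value='<?php echo htmlspecialchars($laboratorio->nome, ENT_QUOTES, 'UTF-8'); ?>'/></td>
                        </tr>
                        <tr>
                        	<th>Descrição</th>
                            <td><textarea name="descricao" cols="145" rows="20"><?php echo htmlspecialchars($laboratorio->descricao, ENT_QUOTES, 'UTF-8'); ?></textarea></td>
                        </tr>
                        <tr>
                        	<td class="bottom_row" colspan="2">
                            	<input type='submit' value='Cadastrar laboratório' />&nbsp;
                                <input type='reset' value='Limpar' />
                            </td>
                        </tr>
                    </table>
					</form>
                    <?php
				break;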
				
				
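				case 'update':
					// Handles the edit form: updates nome/descricao of the laboratory named by the
					// id query parameter, logs the action, then redirects to the listing.
					// NOTE(review): no anti-CSRF token is checked before this write, and header()
					// below depends on output buffering because markup was already echoed — confirm.
					$c = new conexao;
					$c->set_charset('utf8');
					$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
					$nome = (isset($_POST['nome']) && is_string($_POST['nome'])) ? trim($_POST['nome']) : '';
					$descricao = (isset($_POST['descricao']) && is_string($_POST['descricao'])) ? trim($_POST['descricao']) : '';
					// Every request/session value placed inside a quoted SQL literal is escaped.
					// Assumes conexao exposes mysqli's real_escape_string(), like the set_charset()
					// and query() calls already used here — confirm against conexao.class.php.
					$id = $c->real_escape_string($id);
					$nome = $c->real_escape_string($nome);
					$descricao = $c->real_escape_string($descricao);
					$usuario = $c->real_escape_string((string) $_SESSION['username']);
					$q = "UPDATE laboratorios SET nome = '$nome', descricao = '$descricao' WHERE id = '$id';";
					$c->query($q);
					// The log entry names the edited laboratory through $id; $laboratorio_id is
					// never defined in this case, so it would have logged an empty id.
					$q = "INSERT INTO logs(username, acao, data) VALUES('$usuario', 'Editou o laboratório $id.', now());";
					$c->query($q);
					header('Location: labs.php');
				break;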
				
				
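				case 'view':
					// Shows one laboratory (id, nome, descricao) followed by the computers that
					// belong to it.
					$c = new conexao;
					$c->set_charset('utf8');
					// Escaped once, because $id is placed inside quoted SQL literals below.
					// Assumes conexao exposes mysqli's real_escape_string(), like the set_charset()
					// and query() calls already used here — confirm against conexao.class.php.
					$id = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
					$id = $c->real_escape_string($id);
					$q = "SELECT * FROM laboratorios WHERE id = '$id';";
					$r = $c->query($q);
					$laboratorio = $r ? $r->fetch_object() : null;
					// An unknown id yields no row; stop instead of dereferencing null.
					if(!$laboratorio):
						echo "<p class='error_message'>Laboratório não encontrado.</p>";
						break;
					endif;
					// Stored values are HTML-escaped before output. The description is escaped
					// first and only then passed to nl2br(), so the <br /> tags survive while any
					// markup in the stored text does not.
					?>
                    <table class="content_table">
                    	<tr>
                        	<th>ID</th>
                            <td colspan="2"><?php echo htmlspecialchars($laboratorio->id, ENT_QUOTES, 'UTF-8'); ?></td>
                        </tr>
                        <tr>
                        	<th>Nome</th>
                            <td colspan="2"><?php echo htmlspecialchars($laboratorio->nome, ENT_QUOTES, 'UTF-8'); ?></td>
                        </tr>
                        <tr>
                        	<th>Descrição</th>
                            <td colspan="2"><?php echo nl2br(htmlspecialchars($laboratorio->descricao, ENT_QUOTES, 'UTF-8')); ?></td>
                        </tr>
                        <tr>
                        	<th colspan="3" class="bottom_row">Máquinas do laboratório</th>
                        </tr>
                        <tr>
                        	<th>IP</th>
                            <th>Nome</th>
                            <th>Descrição</th>
                        </tr>
                        <?php
						$q = "SELECT a.*, b.* FROM laboratorios AS a INNER JOIN computadores AS b ON a.id = b.laboratorio_id WHERE a.id = '$id';";
						$r = $c->query($q);
						while($computador = $r->fetch_object()):?>
                        <tr>
                        	<td><?php echo htmlspecialchars($computador->ip, ENT_QUOTES, 'UTF-8'); ?></td>
                            <td><?php echo htmlspecialchars($computador->nome, ENT_QUOTES, 'UTF-8'); ?></td>
                            <td><?php echo htmlspecialchars($computador->descricao, ENT_QUOTES, 'UTF-8'); ?></td>
                        </tr>
                        <?php endwhile; ?>
                    </table>
                    <?php
				break;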
				
				
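				default:
					// Default action: lists every laboratory with links to view, edit and delete it.
					// NOTE(review): "Apagar" is a plain GET link to the delete action, so a
					// prefetch or a cross-site request can trigger it; a POST form with an
					// anti-CSRF token would be safer.
					?>
                    <table class="content_table">
                        <tr>
                            <th>ID</th>
                            <th>Nome</th>
                            <th>Descrição</th>
                            <th>Editar</th>
                            <th>Apagar</th>
                        </tr>
                        <?php
                        $c = new conexao;
                        $c->set_charset('utf8');
                        $q = "SELECT * FROM laboratorios;";
                        $r = $c->query($q);
                        while($laboratorio = $r->fetch_object()):
                            // Stored values are escaped for the context they are written into:
                            // HTML text for the cells, URL component plus attribute for the links.
                            $lab_id = htmlspecialchars($laboratorio->id, ENT_QUOTES, 'UTF-8');
                            $lab_id_url = htmlspecialchars(urlencode($laboratorio->id), ENT_QUOTES, 'UTF-8');
                            $lab_nome = htmlspecialchars($laboratorio->nome, ENT_QUOTES, 'UTF-8');
                            $lab_descricao = htmlspecialchars($laboratorio->descricao, ENT_QUOTES, 'UTF-8');
                        ?>
                        <tr>
                            <td><?php echo $lab_id; ?></td>
                            <td><a href='labs.php?action=view&amp;id=<?php echo $lab_id_url; ?>'><?php echo $lab_nome; ?></a></td>
                            <td><?php echo $lab_descricao; ?></td>
                            <td><a href='labs.php?action=edit&amp;id=<?php echo $lab_id_url; ?>'>Editar</a></td>
                            <td><a href='labs.php?action=delete&amp;id=<?php echo $lab_id_url; ?>'>Apagar</a></td>
                        </tr>
                        <?php endwhile; ?>
                    </table>
					<?php
				break;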
			}
		?>
    </div>
    
    <div id='footer'>
    <p>
    	        Sistema desenvolvido por <a href="mailto:xstefanox@gmail.com">Stefano Martins</a><br />
        	    Etec Geraldo José Rodrigues Alckmin - Taubaté
            </p>
    </div>
    </body>
</html>